Symfony ACL - issue deleting an ACE and resulting ace_order of remaining ACEs in the ACL #5820

Closed
bdscarboro opened this issue Oct 22, 2012 · 4 comments

Comments

@bdscarboro

I have a question I hope you might be able to help with. I'm using ACL to secure individual entities (using object ACEs). So for example I have an entity with one ACL containing 5 object ACEs, corresponding to 5 people that have access to the entity. In my app's UI, I revoke access to that entity for one of those 5 people. In my code I find and delete that one object ACE. This all works fine, but this is also where the problem comes in. Prior to deleting that ACE, the acl_entries table shows the 5 entries and the ace_order field contains 0,1,2,3,4 for those records. However after deleting the ACE, the 4 remaining ACEs have order 0,0,1,3 (notice there is no order=2). In later code, where we try to save that ACL again, an exception is thrown "invalid index (2)" as it tries to access element #2 in the array. So not sure if I'm doing something wrong, or if this is a bug in the Symfony ACL code. Any suggestions would be most appreciated!

@Buurman14

I'm having the same situation. As soon as the ACEs are not in the right order (starting at 0, incrementing +1 each ACE) the ACL can't be saved.
Someone who can help us out?

Haven't tried implementing/tweaking this code by samsamm777 from issue #3715 yet, seems it might work to select the ACE to remove.

$classACEs = $currentAcl->getObjectAces();
for ($i=(sizeof($classACEs)-1); $i>=0; $i--)
{
    if ($classACEs[$i]->getId()==$request->get('ace'))
    {
        // Find out if the ace has master or owner, and prevent the delete.
        echo $classACEs[$i]->getMask();

        //$currentAcl->deleteObjectAce($i);     
    }
}

Will post an update if this works.

@Buurman14

Seemed a false alert. Got it solved with this:

// get ACL
$aclProvider = $this->container->get('security.acl.provider');
$objectIdentity = ObjectIdentity::fromDomainObject($object_to_remove_from);
try {
    $acl = $aclProvider->createAcl($objectIdentity);
}catch(\Exception $e) {
    $acl = $aclProvider->findAcl($objectIdentity);
}

// Get all aces and try to get ACE for user to fire
$aces = $acl->getObjectAces();
foreach($aces as $i => $ace) {
    if($ace->getSecurityIdentity() == $firedSID)
    {
        // Got it! Let's remove it!
        $acl->deleteObjectAce($i);
    }
}
$aclProvider->updateAcl($acl);

Had an ACL to test on with 4 ACEs on it (orders 0, 1, 2, 3).
In test runs, I removed one of the ACEs and checked if the order in acl_entries was consistent. In all four cases I got a consistent order (0, 1, 2).

@Codepadawan

I had this same issue. In fact my indexes were ok, but when multiple indexes were deleted in one pass, it failed. Solved by reversing the order of the loop as described by @Buurman14 above.
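
Why the loop direction matters when several ACEs are revoked in one pass, as an added example that is not part of the thread or of Symfony's code: `ToyAcl` is a hypothetical stand-in that assumes the ACL renumbers the remaining entries from 0 after each delete, and the user names are constructed.

```php
<?php
// Added example. ToyAcl is a hypothetical stand-in that models only
// "delete by index, then renumber from 0"; it is not Symfony's Acl class.
final class ToyAcl
{
    private array $aces; // one SID string per ACE, keyed 0..n-1

    public function __construct(array $sids) { $this->aces = array_values($sids); }
    public function getObjectAces(): array { return $this->aces; }

    public function deleteObjectAce(int $index): void
    {
        if (!isset($this->aces[$index])) {
            throw new OutOfBoundsException("The index $index does not exist.");
        }
        unset($this->aces[$index]);
        $this->aces = array_values($this->aces); // remaining ACEs shift down
    }
}

// Forward loop over a snapshot: $i goes stale after the first delete.
function revokeForward(ToyAcl $acl, array $revoked): void
{
    foreach ($acl->getObjectAces() as $i => $sid) {
        if (in_array($sid, $revoked, true)) {
            $acl->deleteObjectAce($i);
        }
    }
}

// Reverse loop: a delete only renumbers entries above $i, already visited.
function revokeReverse(ToyAcl $acl, array $revoked): void
{
    $aces = $acl->getObjectAces();
    for ($i = count($aces) - 1; $i >= 0; $i--) {
        if (in_array($aces[$i], $revoked, true)) {
            $acl->deleteObjectAce($i);
        }
    }
}

// Constructed sample data: five users, two of them revoked in one pass.
$sids = ['alice', 'bob', 'carol', 'dave', 'erin'];
$revoked = ['bob', 'carol'];
foreach (['revokeForward', 'revokeReverse'] as $revoke) {
    $acl = new ToyAcl($sids);
    $revoke($acl, $revoked);
    echo $revoke, ': ', implode(',', $acl->getObjectAces()), PHP_EOL;
}
```

With this sample the forward loop leaves `carol` in the list and removes `dave` instead, so one revocation silently fails and an unrelated user loses access; the reverse loop removes exactly `bob` and `carol`.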

@fabpot
Member

fabpot commented Oct 5, 2015

Closing this issue as ACLs are not part of Symfony Core anymore (see #14718 for the initial discussion). If the issue still exists, you can create an issue on symfony/security-acl or symfony/acl-bundle. Thanks.

@fabpot fabpot closed this as completed Oct 5, 2015